samba - Sep 2020 - Debian client/workstation pam_mount

Yes, sorry, forgot to include in the last email.
> root at lws4:~# getent passwd tuser16
> tuser16:*:10016:10000:User 16. Test:/home/WKDOM/tuser16:/bin/sh
>
On Sat, Sep 26, 2020 at 9:02 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 26/09/2020 14:52, Robert Wooden wrote:
> > First, my use of IP addresses is a force of habit. User at
shorthostname
> > does work but, as I do not normally ssh with hostname.
> >
> >     adminlinux at lws2:~$ ssh tuser16 at lws4
> >     The authenticity of host 'lws4 (192.168.16.220)' can't
be
> established.
> >     ECDSA key fingerprint is
> >     SHA256:iOPtH7sjCWWoWR/92nVv/fWIp0ogRtlHxeRTrC5EePI.
> >     Are you sure you want to continue connecting (yes/no)? yes
> >     Warning: Permanently added 'lws4' (ECDSA) to the list of
known
> >     hosts. <<<<<< this is new to me????
> >     Warning: the ECDSA host key for 'lws4' differs from the
key for
> >     the IP address '192.168.16.220' <<<<<<
this is new to me, also????
> >
> Perfectly normal, you can ignore this.
> >
> >     Offending key for IP in /home/adminlinux/.ssh/known_hosts:1
> >     Are you sure you want to continue connecting (yes/no)? yes
> >     tuser16 at lws4's password:
> >     Permission denied, please try again.
> >     tuser16 at lws4's password:
> >     Permission denied, please try again.
> >     tuser16 at lws4's password:
> >     tuser16 at lws4: Permission denied
> >     (publickey,gssapi-keyex,gssapi-with-mic,password).
> >
> > As you can see, the password fails but, as I am unfamiliar with the
> > output I see here (using a short hostname) I am not sure this is the
> > correct output.
> > And I am uncertain as to what I need to do to correct this?
>
> Did you try logging in as root on lws4 and running 'getent passwd
> tuser16' ? and if you did, did you get any output ???
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

On 26/09/2020 15:26, Robert Wooden wrote:
> Yes, sorry, forgot to include in the last email.
>
>     root at lws4:~# getent passwd tuser16
>     tuser16:*:10016:10000:User 16. Test:/home/WKDOM/tuser16:/bin/sh
>
OK, your user should be able to log in, provided it is a member of 
servers-ssh or sshgroup, isn't disabled and you are using the correct 
password, The only other possible reason for the login to fail (that I 
can think of), does the users homedir '/home/WKDOM/tuser16' exist ? if 
it doesn't exist, your user will get denied.

Rowland

Okay, now so I don't get confused.
Yes, /home/WKDOM/tuser16 does exist on the client/workstation.

root at lws4:~# getent group
> root:x:0:
> *..snipped for brevity..*
>
winbindd_priv:x:129:
> sshgroup:x:998:adminlinux
> postfix:x:130:
>
..snipped for brevity..
>
There is no servers-ssh group on the C/W. (I have a server-ssh group
somewhere per Louis' instructions, just not on a C/W.) Should there be a
servers-ssh group on a C/W?

And notice that tuser16 is not a member of "sshgroup".


On Sat, Sep 26, 2020 at 9:39 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 26/09/2020 15:26, Robert Wooden wrote:
> > Yes, sorry, forgot to include in the last email.
> >
> >     root at lws4:~# getent passwd tuser16
> >     tuser16:*:10016:10000:User 16. Test:/home/WKDOM/tuser16:/bin/sh
> >
> OK, your user should be able to log in, provided it is a member of
> servers-ssh or sshgroup, isn't disabled and you are using the correct
> password, The only other possible reason for the login to fail (that I
> can think of), does the users homedir '/home/WKDOM/tuser16' exist ?
if
> it doesn't exist, your user will get denied.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>